FLexVPN SPOKE-SPOKE
Dla R2, R3, R4:

crypto ikev2 keyring KEYR1
peer ANYPEER
address 0.0.0.0
pre-shared-key local Cisco
pre-shared-key remote Cisco

crypto ikev2 profile Profil1
match identity remote address 0.0.0.0 0.0.0.0
authentication local pre-share
authentication remote pre-share
keyring local KEYR1
aaa authorization group override psk list AUTHPOLICY1 AUTHPOLICY1

crypto ipsec transform-set TR1 esp-sha256-hmac esp-aes

crypto ipsec profile IPprof1
set transform-set TR1
set ikev2-profile Profil1


aaa new-model
aaa authorization network default local

crypto ikev2 authorization policy AUTHPOLICY1
route set interface


#####


Dla wszystkich Spoke (R2, R3, R4):
int tun 12
ip address negotiated
tunnel source g0/1
tunnel destination 192.0.2.1
tunnel protection ipsec profile IPprof1
ip nhrp network-id 1
ip nhrp shortcut virtual-template 12


int virtual-template 12 type tunnel 
ip unnumbered tunnel 12
tunnel source g0/1
ip nhrp network-id 1
ip nhrp shortcut virtual-template 12
tunnel protection ipsec profile IPprof1




#####
Koncentrator (R1):


int loopback 3
ip add 1.1.1.1 255.255.255.0

ip local pool PULAIP 1.1.1.2 1.1.1.10

aaa new-model
aaa authorization network default local


crypto ikev2 authorization policy AUTHPOLICY1
pool PULAIP
route set interface


crypto ikev2 keyring KEYR1
peer ANYPEER
address 0.0.0.0
pre-shared-key local Cisco
pre-shared-key remote Cisco

crypto ikev2 profile Profil1
match identity remote address 0.0.0.0 0.0.0.0
authentication local pre-share
authentication remote pre-share
keyring local KEYR1
virtual-template 1
aaa authorization group override psk list AUTHPOLICY1 AUTHPOLICY1

crypto ipsec transform-set TR1 esp-sha256-hmac esp-aes

crypto ipsec profile IPprof1
set transform-set TR1
set ikev2-profile Profil1



interface virtual-template 1 type tunnel
tunnel source g0/1
ip unnumbered loopback 3
tunnel protection ipsec profile IPprof1
ip nhrp network-id 1
ip nhrp redirect






####
Dla R1:
router eigrp 1
network 1.1.1.0 0.0.0.255

Dla R2:
router eigrp 1
network 1.1.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
network 192.168.2.0 0.0.0.255

Dla R3:
router eigrp 1
network 1.1.1.0 0.0.0.255
network 172.16.3.0 0.0.0.255
network 192.168.3.0 0.0.0.255

Dla R4:
router eigrp 1
network 1.1.1.0 0.0.0.255
network 172.16.4.0 0.0.0.255
network 192.168.4.0 0.0.0.255